Last week in our blog post, Understanding the components in Apache CloudStack and Citrix CloudPlatform, we discussed the pieces a service provider needs to set up their cloud environment. This week we are going to drill down even further and discuss the networks within a cloud environment.
1. Management Network
The management network is used by cloud components to communicate with one another. The management network must use RFC 1918 private address space, and a subnet size of at least /20 is recommended to allow for growth. The network may be on a tagged VLAN for KVM and VMware deployments. The components that need to be on this network are: management server, console proxy VM, secondary storage VM, virtual routers (on VMware only), and hosts.
2. Public Network
The public network is where cloud management will assign public IP addresses within the environment. This network must be isolated by tagged VLAN. The cloud components that will be on this network are: secondary storage VM, console proxy VM, and virtual router VM. This network will be automatically provisioned and controlled by cloud management on the host machines.
3. Guest Network
The guest network is any network created by an administrator or end user within the cloud environment where guest VMs will be attached. Guest networks are always isolated by tagged VLAN. This network will be automatically provisioned and controlled by cloud management on the host machines.
4. Secondary Storage Network (Optional)
This optional network is for secondary storage traffic between the secondary storage VM, secondary storage share and hosts. This network must be isolated by tagged VLAN. When electing not to use the optional secondary storage network, secondary storage traffic will traverse the management network. This network will be automatically provisioned and controlled by cloud management on the host machines.
5. Primary Storage Network
This network is used for VM volume storage communication between the host nodes and the primary storage appliance(s). Appcore recommends that this network is either isolated by VLAN or on its own separate network. The only components that should exist on this network are the hosts and storage appliances. The cloud management server does not control this network and does not need to communicate on this network.
6. Control Network (KVM and XenServer only)
This is a link-local network (as described by RFCs 6890 and 3927) between the hypervisor and system VMs within the environment. This network is used to execute commands and pull statistics about the system VM from the hypervisor. Using a link-local network here conserves management address space. When the VMware hypervisor is used in the environment, the management network will be used for control. This network will be automatically provisioned and controlled by cloud management on the host machines.
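The rules stated for the six networks above can be checked against a network plan before deployment. The following is an added example, not part of the original post or of CloudStack itself; the plan dictionary schema, the `dedicated` flag, the function names and all sample addresses are assumptions, as is treating a VLAN ID shared by two networks as a break in isolation.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")  # IPv4 link-local range, RFC 3927
MUST_TAG = ("public", "guest", "secondary_storage")  # networks the post says must be VLAN-tagged

def inside(cidr, ranges):
    net = ipaddress.ip_network(cidr)
    return net.version == 4 and any(net.subnet_of(r) for r in ranges)

def check_plan(hypervisor, plan):
    """Check a network plan (hypothetical dict schema) against the rules above."""
    findings, seen_vlans = [], {}
    mgmt = plan["management"]
    if not inside(mgmt["cidr"], RFC1918):
        findings.append("management: not RFC 1918 address space")
    if ipaddress.ip_network(mgmt["cidr"]).prefixlen > 20:
        findings.append("management: smaller than the recommended /20")
    for name, net in plan.items():
        vlan = net.get("vlan")
        if name in MUST_TAG and vlan is None:
            findings.append(f"{name}: must be isolated by tagged VLAN")
        if vlan is not None:
            if not 1 <= vlan <= 4094:  # valid 802.1Q VLAN IDs
                findings.append(f"{name}: VLAN {vlan} is outside 1-4094")
            elif vlan in seen_vlans:
                findings.append(f"{name}: shares VLAN {vlan} with {seen_vlans[vlan]}")
            seen_vlans.setdefault(vlan, name)
    ps = plan.get("primary_storage", {})
    if ps and ps.get("vlan") is None and not ps.get("dedicated"):
        findings.append("primary_storage: needs its own VLAN or a separate network")
    control = plan.get("control")
    if hypervisor == "vmware":
        if control:  # VMware uses the management network for control
            findings.append("control: not used with VMware")
    elif not control or not inside(control["cidr"], [LINK_LOCAL]):
        findings.append("control: must be a link-local (169.254.0.0/16) network")
    return findings

# Constructed sample plan with several mistakes (all addresses are examples).
BAD_PLAN = {
    "management": {"cidr": "192.0.2.0/24"},
    "public": {"cidr": "203.0.113.0/24"},
    "guest": {"cidr": "10.1.1.0/24", "vlan": 300},
    "primary_storage": {"cidr": "10.40.0.0/24", "vlan": 300},
    "control": {"cidr": "10.50.0.0/24"},
}
for finding in check_plan("kvm", BAD_PLAN):
    print(finding)
```

The secondary storage network is omitted from the sample plan without a finding because it is optional; in that case its traffic traverses the management network.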
Service providers: configuring your network is an important step when deploying a cloud solution. During the design phase, make sure to address networking configuration, as well as storage resources, hypervisor details, etc. Understanding how all the components within Apache CloudStack and Citrix CloudPlatform integrate will alleviate issues during implementation, allowing you to have a scalable, efficient, enterprise-grade cloud.